)]}' { "commit": "507daf391d1f973cd5226d01361bb4eec9e14766", "tree": "c8d7a57cce0740b5a019a9578ffb2a902d195f85", "parents": [ "e7681d1a788d31a30b714b9688b29074645b096d" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Thu Jun 23 00:55:22 2022 -0400" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Jul 07 14:41:17 2022 +0000" }, "message": "Check Unicode string encodings in crypto/asn1.\n\nThis checks validity for UTF8String, BMPString, and UniversalString.\n\nWhen we detach the core types from ASN1_ITEM, this will likely also be\nreshuffled around, probably into type-specific functions. But for now\njust get the checks in place.\n\nUpdate-Note: Invalid strings in X.509 certificates and other ASN.1\nstructures will now be rejected. This change is less risky than it seems\nbecause most strings in X.509 are in X509_NAME, which already rejected\ninvalid instances of these string types (but not other string types)\nduring canonicalization. See https://crbug.com/boringssl/412 for a\ndiscussion of that mess.\n\nBug: 427\nChange-Id: I0d7e24dfd841703d2a8581ec4e78ed5bc3862d75\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/53225\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n", "tree_diff": [ { "type": "modify", "old_id": "442c1eabbf283fe1b421f8ab6f314d916ad12169", "old_mode": 33188, "old_path": "crypto/asn1/asn1_test.cc", "new_id": "195d5a89d358ce346ae16e69927dcde5c4ce338a", "new_mode": 33188, "new_path": "crypto/asn1/asn1_test.cc" }, { "type": "modify", "old_id": "c855fe529169ec08f167ec2df85bba06713aec1f", "old_mode": 33188, "old_path": "crypto/asn1/tasn_dec.c", "new_id": "de8779171f243f4dd732ff7c55ddbe2030243195", "new_mode": 33188, "new_path": "crypto/asn1/tasn_dec.c" } ] }